Duterte appoints Naga as Chief Privacy Commission – UNTV News
Manila, Philippines – The National Commission for the Protection of Privacy (NPC) reported that some 22,000 affected individuals were affected by the ransomware attack on S&R Membership Shopping.
In a statement, the NPC said it received an initial breach notification report on November 15, 2021 at 4:47 p.m. from S&R Membership Shopping regarding a cyber attack that could have compromised its members’ contact details.
The AFN said the company discovered the cyberattack incident on November 14, 2021.
“The company then submitted a further violation report today, November 24, 2021, confirming that the object of the ransomware attack was the S&R membership system affecting twenty-two thousand (22,000) affected individuals,” said the commission.
Citing the company’s report, the AFN said the attack compromised S & R’s personal data such as date of birth, contact number and gender.
“Based on S&R’s disclosure and confirmation from their data protection officer (DPO), credit cards and other financial information was not among the personal data compromised,” the agency said.
“They informed the Commission that they had put in place measures to secure their system, recover compromised data, prevent further disclosure and the recurrence of similar attacks,” he added.
The company said earlier that its team had cybersecurity protocols in place that allowed it to resume system operations. He also ensured that the data affected by the attack was limited only to contact information and that the financial data of its members is safe as it is protected by encryption measures as required by regulations.
The NPC reminded the S&R of its obligation to fully disclose and individually inform the data subject.
The commission also asked them to provide the technical report of the incident from the third-party cybersecurity company.